[Nagiosplug-devel] Please can I have GIT access
Thomas Guyot-Sionnest
dermoth at aei.ca
Fri Sep 4 16:43:10 CEST 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Alain Williams wrote:
> On Fri, Sep 04, 2009 at 10:05:01AM -0400, Thomas Guyot-Sionnest wrote:
>
>> The plugin can easily detect if the FH isn't open and throw an helpful
>> error. Moreover, I believe nagios should be told explicitly to store
>> data for a command.
>
> Nooooo! This is an invitation to errors.
> What you are suggesting is that the plugin is to expect FD 3 to be open
> and use it to read/write data from (or was it FD 3 to read, FD 4 to write?).
>
> The problem is that the plugin can't really tell what the FD is connected to.
> So: when[**] the plugin is invoked and FD 3 is open on something else that
> got inherited (some bug in the shell, login, sudo, ... left it open on /etc/passwd)
> and it just uses it .... you have a disaster.
Still that is a bug. And if a simple plugin end up clobbering
/etc/passwd (or anything similar), you have a way bigger issue because:
1. The FH should have been opened read-only unless for writing (in the
latter case is should have been closed promptly too).
2. The plugin shouldn't be running as root
> Also: I don't about you, but when playing with a new plugin I run it a few
> times by hand from the shell. It is much more difficult to have the
> FDs open as opposed to a --statefile=/xxxx option.
Have you seen my first example?
touch file; ./check_stuff 3<file 4>file.new; mv file.new file
And as I keep saying a wrapper program would be provided too.
- --
Thomas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkqhJ34ACgkQ6dZ+Kt5BchatYgCcDShmQ1hwPGqbUko24fBiehn3
In8AoLYGjL/1AV+Szx/5YvIAfeBl8PhO
=hsWb
-----END PGP SIGNATURE-----
More information about the Devel
mailing list